case 'requestpw': $controller->setPageTitle(WT_I18N::translate('Lost password request'))->pageHeader(); echo '<div id="login-page">'; $user_name = WT_Filter::post('new_passwd_username', WT_REGEX_USERNAME); $user = User::findByIdentifier($user_name); if ($user) { $passchars = 'abcdefghijklmnopqrstuvqxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'; $user_new_pw = ''; $max = strlen($passchars) - 1; for ($i = 0; $i < 8; $i++) { $index = rand(0, $max); $user_new_pw .= $passchars[$index]; } $user->setPassword($user_new_pw); Log::addAuthenticationLog('Password request was sent to user: '******'Lost password request'), WT_I18N::translate('Hello %s…', $user->getRealName()) . WT_Mail::EOL . WT_Mail::EOL . WT_I18N::translate('A new password was requested for your user name.') . WT_Mail::EOL . WT_Mail::EOL . WT_I18N::translate('Username') . ": " . $user->getUserName() . WT_Mail::EOL . WT_I18N::translate('Password') . ": " . $user_new_pw . WT_Mail::EOL . WT_Mail::EOL . WT_I18N::translate('After you have logged in, select the “My account” link under the “My page” menu and fill in the password fields to change your password.') . WT_Mail::EOL . WT_Mail::EOL . '<a href="' . WT_SERVER_NAME . WT_SCRIPT_PATH . 'login.php?ged=' . WT_GEDURL . '">' . WT_SERVER_NAME . WT_SCRIPT_PATH . 'login.php?ged=' . WT_GEDURL . '</a>'); } // Show a success message, even if the user account does not exist. // Otherwise this page can be used to guess/test usernames. // A genuine user will hopefully always know their own email address. echo '<div class="confirm"><p>', WT_I18N::translate('A new password has been created and emailed to %s. You can change this password after you login.', $user_name), '</p></div>'; echo '</div>'; break; case 'register': if (!WT_Site::preference('USE_REGISTRATION_MODULE')) { header('Location: ' . WT_SERVER_NAME . WT_SCRIPT_PATH); exit; } $controller->setPageTitle(WT_I18N::translate('Request new user account')); // The form parameters are mandatory, and the validation errors are shown in the client. if ($WT_SESSION->good_to_send && $user_name && $user_password01 && $user_password01 == $user_password02 && $user_realname && $user_email && $user_comments) {
public function getBlock($block_id, $template = true, $cfg = null) { global $ctype, $WEBTREES_EMAIL; $changes = WT_DB::prepare("SELECT 1" . " FROM `##change`" . " WHERE status='pending'" . " LIMIT 1")->fetchOne(); $days = get_block_setting($block_id, 'days', 1); $sendmail = get_block_setting($block_id, 'sendmail', true); $block = get_block_setting($block_id, 'block', true); if ($cfg) { foreach (array('days', 'sendmail', 'block') as $name) { if (array_key_exists($name, $cfg)) { ${$name} = $cfg[$name]; } } } if ($changes && $sendmail == 'yes') { // There are pending changes - tell moderators/managers/administrators about them. if (WT_TIMESTAMP - WT_Site::getPreference('LAST_CHANGE_EMAIL') > 60 * 60 * 24 * $days) { // Which users have pending changes? foreach (User::all() as $user) { if ($user->getSetting('contactmethod') !== 'none') { foreach (WT_Tree::getAll() as $tree) { if (exists_pending_change($user, $tree)) { WT_I18N::init($user->getSetting('language')); WT_Mail::systemMessage($tree, $user, WT_I18N::translate('Pending changes'), WT_I18N::translate('There are pending changes for you to moderate.') . WT_Mail::EOL . WT_MAIL::EOL . '<a href="' . WT_SERVER_NAME . WT_SCRIPT_PATH . 'index.php?ged=' . WT_GEDURL . '">' . WT_SERVER_NAME . WT_SCRIPT_PATH . 'index.php?ged=' . WT_GEDURL . '</a>'); WT_I18N::init(WT_LOCALE); } } } } WT_Site::setPreference('LAST_CHANGE_EMAIL', WT_TIMESTAMP); } if (WT_USER_CAN_EDIT) { $id = $this->getName() . $block_id; $class = $this->getName() . '_block'; if ($ctype == 'gedcom' && WT_USER_GEDCOM_ADMIN || $ctype == 'user' && WT_USER_ID) { $title = '<i class="icon-admin" title="' . WT_I18N::translate('Configure') . '" onclick="modalDialog(\'block_edit.php?block_id=' . $block_id . '\', \'' . $this->getTitle() . '\');"></i>'; } else { $title = ''; } $title .= $this->getTitle() . help_link('review_changes', $this->getName()); $content = ''; if (WT_USER_CAN_ACCEPT) { $content .= "<a href=\"#\" onclick=\"window.open('edit_changes.php','_blank', chan_window_specs); return false;\">" . WT_I18N::translate('There are pending changes for you to moderate.') . "</a><br>"; } if ($sendmail == "yes") { $content .= WT_I18N::translate('Last email reminder was sent ') . format_timestamp(WT_Site::getPreference('LAST_CHANGE_EMAIL')) . "<br>"; $content .= WT_I18N::translate('Next email reminder will be sent after ') . format_timestamp(WT_Site::getPreference('LAST_CHANGE_EMAIL') + 60 * 60 * 24 * $days) . "<br><br>"; } $changes = WT_DB::prepare("SELECT xref" . " FROM `##change`" . " WHERE status='pending'" . " AND gedcom_id=?" . " GROUP BY xref")->execute(array(WT_GED_ID))->fetchAll(); foreach ($changes as $change) { $record = WT_GedcomRecord::getInstance($change->xref); if ($record->canShow()) { $content .= '<b>' . $record->getFullName() . '</b>'; $content .= $block ? '<br>' : ' '; $content .= '<a href="' . $record->getHtmlUrl() . '">' . WT_I18N::translate('View the changes') . '</a>'; $content .= '<br>'; } } if ($template) { if ($block) { require WT_THEME_DIR . 'templates/block_small_temp.php'; } else { require WT_THEME_DIR . 'templates/block_main_temp.php'; } } else { return $content; } } } }
if (!(Auth::isAdmin() || $user && $user->getSetting('editaccount') && in_array($id2, array('language', 'visible_online', 'contact_method')))) { fail(); } // Validation switch ($id2) { case 'canadmin': // Cannot change our own admin status - either to add it or remove it if (Auth::user() == $user) { fail(); } break; case 'verified_by_admin': // Approving for the first time? Send a confirmation email if ($value && !$user->getSetting('verified_by_admin') && $user->getSetting('sessiontime') == 0) { WT_I18N::init($user->getSetting('language')); WT_Mail::systemMessage($WT_TREE, $user, WT_I18N::translate('Approval of account at %s', WT_SERVER_NAME . WT_SCRIPT_PATH), WT_I18N::translate('The administrator at the webtrees site %s has approved your application for an account. You may now login by accessing the following link: %s', WT_SERVER_NAME . WT_SCRIPT_PATH, WT_SERVER_NAME . WT_SCRIPT_PATH)); } break; case 'auto_accept': case 'editaccount': case 'verified': case 'visibleonline': case 'max_relation_path': $value = (int) $value; break; case 'contactmethod': case 'comment': case 'language': case 'theme': break; default: